eventsource-cross-origin.window.js (1974B)
1 // META: title=EventSource: cross-origin 2 3 const crossdomain = location.href.replace('://', '://élève.').replace(/\/[^\/]*$/, '/'), 4 origin = location.origin.replace('://', '://xn--lve-6lad.'); 5 6 7 function doCORS(url, title) { 8 async_test(document.title + " " + title).step(function() { 9 var source = new EventSource(url, { withCredentials: true }) 10 source.onmessage = this.step_func_done(e => { 11 assert_equals(e.data, "data"); 12 assert_equals(e.origin, origin); 13 source.close(); 14 }) 15 }) 16 } 17 18 doCORS(crossdomain + "resources/cors.py?run=message", 19 "basic use") 20 doCORS(crossdomain + "resources/cors.py?run=redirect&location=/eventsource/resources/cors.py?run=message", 21 "redirect use") 22 doCORS(crossdomain + "resources/cors.py?run=status-reconnect&status=200", 23 "redirect use recon") 24 25 function failCORS(url, title) { 26 async_test(document.title + " " + title).step(function() { 27 var source = new EventSource(url) 28 source.onerror = this.step_func(function(e) { 29 assert_equals(source.readyState, source.CLOSED, 'readyState') 30 assert_false(e.hasOwnProperty('data')) 31 source.close() 32 this.done() 33 }) 34 35 /* Shouldn't happen */ 36 source.onmessage = this.step_func(function(e) { 37 assert_unreached("shouldn't fire message event") 38 }) 39 source.onopen = this.step_func(function(e) { 40 assert_unreached("shouldn't fire open event") 41 }) 42 }) 43 } 44 45 failCORS(crossdomain + "resources/cors.py?run=message&origin=http://example.org", 46 "allow-origin: http://example.org should fail") 47 failCORS(crossdomain + "resources/cors.py?run=message&origin=", 48 "allow-origin:'' should fail") 49 failCORS(crossdomain + "resources/message.py", 50 "No allow-origin should fail")